Standard Terms of Business
As in: November 2016
1. Content and Conclusion
- Parties and Subject Matter. This contract regulates the legal relationship between B.I.C. GmbH, Am Farmböddel 7a, D- 24623 Großenaspe/Germany (“securus“) and its customers (“the customer“) with respect to the provision of a waiting-time-management system consisting of an app for customers of the customer (“end customers“, e.g. those waiting, or seeking an appointment) and software for use by the customers on the Internet (Software as a Service). Securus does not provide its services for consumers, but solely for purposes of commercial or self-employed business activities of the
- No Deviating Regulations. The validity of deviating regulations or of regulations that extend beyond these provisions is excluded. This applies in particular to the standard terms of business of the customer, even if Securus accepts an order from the customer in which the customer draws attention to his/her/its standard terms of business and/or the standard terms of business of the customer accompany the order and Securus does not contradict these.
- Conclusion of the Contract. The contract comes into force when the customer and Securus sign a Service Slip.
- Duties in Electronic Business Transactions. Section § 312g, paragraph 1, nos. 1, 2 and 3, as well as section § 312g, paragraph 1, sentence 2 of German Civil Code »Bürgerliches Gesetzbuch (BGB)«, which foresee certain obligations on the part of the businessman in cases of contracts in electronic business transactions, are excluded by contract.
2. Services of Securus
- Right of Use. Securus provides the customer with the performance specifications indicated on the Service Slip and with the software product (“software“) described for use via the Internet (“service“). The software is used on the computers of a computer centre utilized by Securus. The customer receives, for the period of this contract, the non-exclusive and non-transferable right to access the software by means of a browser and an Internet connection for his/her/its own business purposes solely in the context of his/her/its commercial or self-employed business activities. This includes the right, to the extent required for this, to store function code (e.g. JavaScript) on the user’s computer temporarily (e.g. in the working memory or browser cache) and to execute it there. The right of use is limited to the maximum number of locations booked by the customer, in accordance with the Service Slip. Assignment of use or preparation of the service for a third party is prohibited. During a free test phase the customer is not permitted to use the facilities for productive purposes.
- Availability. Securus makes the service available to the customer in accordance with the performance specifications on the Service Slip (service levels). The customer is responsible for the Internet connection between the customer and the computer centre, and for the hardware and software required for this (e.g. PC, network connection, browser). Securus provides its services at the connection point of the computer centre utilized by Securus with the Internet.
- Setup. The customer undertakes the first-time setup of the services (individual settings or input/import of data). A change in the services, particularly reprogramming to meet the wishes of the customer, is not envisaged. Such performance must be separately agreed on and must be paid for.
- Securus provides free telephone and e-mail support as a help in using the service. This support does not include general know-how transfer, training, configuration, implementation, customer-specific documentation or adaptation of the software. The support service is provided by Securus on weekdays, from Monday to Friday, between 9.00 a.m. – 4.00 p.m. Exceptions here are made for local public holidays at the location of Securus, and for the 24th and 31st of December of each year. The time required for a first-time reaction to e-mail enquiries is 48 hours. Enquiries received outside of the support times are regarded as having arrived during the next-following workday.
- Unless some other agreement has been reached, Securus is not required to provide user documentation. Other documentation, training or introductory services must be separately agreed on and must be paid for.
- Changes in Performance. The customer is aware that the software used is standard software that is made available as “Software as Service” and that, in this connection, is accessible to a wide variety of customers on a central system. The scale benefits resulting from such a multi-tenancy model can only be used in the form of a uniform software product that can also be further developed. The parties therefore agree that Securus can alter the service (including the system requirements) when there is a good reason for doing so. Such a reason exists in particular when the change is necessary because of (i) a necessary adaptation to a new legal situation or to court rulings, (ii) altered technical framework conditions (new browser versions or technical standards), or (iii) protection of the system security. Apart from this Securus can alter the service in the context of a further development of the software accordingly (e.g. switching off old functions that have been largely replaced by new ones). Securus will inform the customer by e-mail in good time, generally four weeks in advance, about any disadvantageous changes that are not insignificant. The consent of the customer to such a change is regarded as having been given if the customer has not objected to the change in writing, or by e-mail, by the date scheduled for the change. When announcing the change, Securus will again draw attention to these legal consequences. If the change would alter the contractual balance between the parties to the encumbrance of the customer, and not only insignificantly, the change will not be made.
3. Remuneration and Default on Payment
- Fee Structure. During the contract period the customer owes Securus the remuneration agreed to in the Service Slip for use of the The remuneration can be in the form of a one-time setup charge, a fixed monthly basic charge and a monthly user fee determined on the basis of the number of user units booked.
- When the Basic Charge and the User Fee are Incurred. The basic charge and the user fee are due with the commencement of the contract and then, in each case, on the same calendar day of the following months. An increase in the number of locations booked (or a change to a higher service package) is possible at any time. A reduction (or a change to a lower service package) is only possible with effect as from the end of the basic period, or an extension period, or earlier with the consent of Securus. In the case of an increase in the booked locations within the basic period, or an extension period, the additional charges will be invoiced proportionately. For the additional user units the prices apply in accordance with the valid Securus price list at the time of ordering of the additional user units.
- Securus invoices the charges at the commencement of the contract and then every quarter in advance. The sum invoiced is to be paid within 14 days. The invoicing takes place online by placement of the invoice in the customer menu as a downloadable and printable PDF file, or as a dispatch by e-mail (“online invoice“). There is no right to digitally signed invoices (section § 14, paragraph 3 of German Turnover Tax Law »Umsatzsteuergesetz (UStG)«). In the case of the online invoice, this is regarded as having been received by the customer if it is available for call up by him/her/it in the customer menu and is thus within his/her/its disposal, or with the receipt of the e-mail. Securus reserves the right to send the invoice by post, as an alternative to the online invoice. The customer only has a right to have an invoice sent by post, however, if he/she/it requests this of Securus and pays the sum agreed to for this (currently EUR 1.45 per individual invoice).
- Payment by Direct Debit. Payment of the invoice sums is undertaken by means of SEPA direct debit, or by PayPal transfer. The customer undertakes to give Securus a corresponding SEPA direct-debit mandate (see annex).
- Commencement of Use. The use of the service is first permissible and possible – except for use in the context of a free test phase – as from the time of receipt of the invoice amount by Securus.
- Net Prices. All prices indicated are given prior to the respective statutory turnover tax.
- Default on Payment. If the customer defaults on payment of the remuneration, or a non-insignificant part of the remuneration, for two calendar months, or defaults during a period lasting longer than two months on payment of remunerations amounting to a sum reaching twice that of a monthly basic charge plus user fee, Securus is entitled, after sending a corresponding warning by e-mail or by letter, to block the customer’s access to the service or to terminate the contract for exceptional reasons. During such blockage the customer has no access to the data stored in the service. In the event of such termination point 9.4 applies.
4. Duties and Obligations of the Customer
- Backup Copies. The customer is obliged to keep copies of the data input by him/her/it and to regularly make backup copies (e.g. transfer of appointments to the internal system). If the customer violates this obligatory duty to ensure proper data security, Securus is liable, in the event of loss of data, only to the extent of the liability for damage that would also have been suffered in the case of proper and regular securing of data by the customer.
- Lawful Utilization. The customer must use the service solely within the framework of the contractual and statutory provisions and must not violate, by such use, any rights of third parties. In using the service the customer must observe in particular the regulations on data protection, competition law and copyright and must not input defective or illegal data, or misuse the service in any other way.
- System Requirements and Obligation to Assist. Hardware and software requirements placed on the customer, as well as organizational demands and obligations of the customer to assist are regulated in the Service Slip. Unless some other stipulation has been made, the customer must use a current browser version of Internet Explorer, Google Chrome, Firefox or Safari.
- Tax-Relevant Data. The customer is obliged to keep data in accordance with the statutory requirements (particularly the regulations of commercial law and tax law). The customer is aware that the service does not satisfy the demands of Principles of Data Access and Auditability of Digital Documents »Grundsätze zum Datenzugriff und zur Prüfbarkeit digitaler Unterlagen (GDPdU)«.
5. Customer Data and Data Protection
5.1. Customer data. The customer shall be exclusively entitled to the data inserted by the end customer in the course of using the services (e.g. name, dates, comments) and the data generated in the course thereof and attributable to the customer (e.g. number tickets) (jointly referred to as “customer data”). Securus shall use the customer data in a confidential manner.
5.2. Use of the customer data. Hereby, the customer grants to Securus the non-exclusive, global, cost-free right limited to the term of this contract to use the customer data for the purposes of providing the service, in particular to store such data in a data centre operated by Securus . In addition, Securus shall remain entitled to use the customer data in aggregated or statistical form for error analyses and further development of the functions of the software as well as for anonymised evaluations and benchmarks.
5.3. Commissioned processing. To the extent the customer data are personal data, the following shall apply: Securus shall process the customer data as processor under Article 28 of German General Data Protection Regulation »Datenschutz-Grundverordnung (DSGVO)« only on behalf and subject to the instructions of the customer and only for the purpose of providing the services. The customer shall remain responsible for lawfulness of the collection, processing and use of the customer data in accordance with the statutory provisions, in particular the German Data Protection Law »Bundesdatenschutzgesetz (BDSG)«. Details are stipulated in the contract on commissioned data processing entered into between Securus and the customer.
5.4. Data protection information. Details on the collection, processing and use of personal data by Securus are described in the data protection information of the app. Such information is available at www.securus-m.de/datenschutz/. However, the customer is obliged to create its own additional data protection information and to provide it to the end customer if the customer collects personal data such as name, customer number or e-mail address via the service.
5.5 The contractual parties agree that their personal data are stored and processed for the purpose of performing a contract as defined under Art. 6 (1) point (b) DSGVO. For the purpose of providing further offers, we use the option of sending to you new offers on a regular basis. Such transfer of offers serves our legitimate interest for direct marketing pursuant to Article 6 (1) point (f) DSGVO. If you do not wish to receive any offers, you have a right to object.
5.5.1 Right of access. The contractual parties shall be entitled to obtain information on their data stored (e-mail address) upon request and free of charge.
5.5.2 Right to rectification, erasure and restriction. The contractual parties shall have the right to rectification, erasure or blocking of inaccurate data. The request can be filed informally, even in oral form. In case of oral requests by phone, however, there will generally be doubts about your identity, as opposed to personal visits.
5.5.2.a. Right to erasure. The right to erasure is subject to one of the following grounds being applicable:
- The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- The data subject has withdrawn their consent to data processing (and there is no other legal basis).
- The data subject has filed an objection to the processing (and there are no overriding legitimate reasons for processing).
- The personal data have been unlawfully processed.
- The personal data have to be erased for compliance with a legal obligation in Union or Member State law.
- The data were collected about a child in connection with an information society service.
5.5.2.b Right to restriction of processing. The right to restriction is subject to one of the following grounds being applicable:
- The data subject denied accuracy of the personal data as long as the controller examines the accuracy of the personal data.
- The processing is unlawful and the data subject has opposed the erasure of the personal data and requested the restriction of its use instead.
- The controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defence of legal claims.
- The data subject has objected to the processing as long as it is not clear whether the legitimate reasons of the controller override those of the data subject.
5.5.2.c Rectification of the data. The controller rectifies the data subject’s data. Taking into account the purposes of processing, the data subject further has the right to have incomplete personal data completed.
5.5.3 Your right to object
Insofar as your personal data are processed pursuant to Art. 6 (1) sentence 1 point (f) DSGVO on the basis of legitimate interests, you have the right, pursuant to Art. 21 DSGVO, to submit an objection to the processing of your personal data insofar as appropriate reasons exist which arise from your particular situation or if the objection is aimed at direct advertisement. In the latter case, you have a general right to object, which we will implement without indication of any particular situation.
If you wish to make use of your right of revocation or objection, simply send an e-mail to datenschutz@bic.com.de
5.5.4 Further information
More information on data protection as well as on the information obligations can be found at www.securus-m.de/datenschutz/
6. Claims Based on Defects
- Freedom from Defects, and Characteristic Properties. Securus will provide the service free of material defects and legal shortcomings and will maintain the software, during the contract period, in a condition appropriate for contractual use. As regards the contractually agreed characteristic properties of the software, the performance specifications contained in the Service Slip are exclusively determinative, not however information on the website, verbal or written statements of Securus made in advance of the conclusion of contract, or information contained in Securus marketing material. The duty to upkeep the software does not embrace the adaptation of the software to altered operating conditions or to technical or functional developments such as changes in the IT environment, particularly changes in hardware or in operating systems, adaptations in the scope of functioning of competing products or establishing compatibility to new data formats.
- Correction of Defects. The customer must report defects in the service to Securus immediately and must explain in detail the circumstances in which these arise. Securus will eliminate the defect within a reasonable Securus is entitled to show the customer temporary error-avoidance possibilities and to eliminate the defect later by adaptation of the software, provided this approach is not unreasonable for the customer.
- Initial Exclusion. Fault-independent liability for initial defects in accordance with section § 536a, paragraph 1, alt. 1 of BGB is excluded.
- Period of Limitation. Claims based on defects fall under the statute of limitations within 12 months. This does not apply in the case of compensation claims based on defects, if Securus is compellingly liable by virtue of law (cf. point 8.1, sentence 2).
- Statutory Regulation Otherwise the statutory regulations for claims based on liability for defects apply.
- Charge-Free Use. If Securus provides services free of charge (e.g. during a test phase) priority is given to the regulations on the lending, i.e. in particular, claims based on liability for defects are limited for Securus, in accordance with section § 600 of BGB, to deceitfulness, liability, in accordance with section § 599 of BGB, is limited to malintent and gross negligence, and the shortened period of limitation of six months, in accordance with section § 606 of BGB, applies.
7. Release Obligations
- Obligation to Release. If third parties (including public bodies) raise claims against Securus, or cite infringements of the law, based on violations of the customer against his/her/its contractual duties, particularly as regards the input of illegal data to the service or use of the service in a way that is anti-competitive or is otherwise unlawful, the following applies: the customer must immediately release Securus from such claims, must provide Securus with appropriate support in its legal defence, and must exempt Securus from the costs of legal defence.
- Prerequisites for the Obligation to Release. Prerequisites for the obligation to release, in keeping with point 7.1, are that Securus immediately informs the customer in writing about the claims raised, makes no admission of fault or equivalent declarations, and enables the customer, at the costs of the customer – where possible – to engage in all negotiations, in court and out of court, relating to the claims.
8. Limitations on Liability
- Exclusion in Certain Securus is liable for damage that is
a) caused by Securus deliberately or due to gross negligence, or
b) caused by Securus due to slight negligence and relates to significant breach of duty, that endangers the achievement of the for purposes of this contract, or that relates to violation of duties the fulfilment of which first enable the proper and orderly implementation of this contract and on the compliance of which the customer is entitled to relay (e.g. that customer data has been fully lost and that even old data is not reconstructible).
Otherwise, liability on the part of Securus is excluded, regardless of the legal argument, unless Securus is compellingly liable by virtue of law, particularly in cases of injury to a person’s life, limb or health, acceptance of an explicit guarantee, fraudulent concealment of a defect, or in keeping with the Product Liability Act. Guarantees by Securus are given in written form only and, in cases of any doubt, are only to be regarded as such if they are designated as a “guarantee”.
- Limitations on Liability Payments. In the event of point 8.1, sentence 1, letter b), Securus is liable only to an extent limited to damage that is typically foreseeable for a contract of this type.
- Level of the Typically Foreseeable Damage. The parties assume, for cases such as those referred to under point 8.1, sentence 1, letter b), that the “typically foreseeable damage” amounts, for all cases of damage incurred in a calendar year, to a maximum of the net payment received by Securus as a net payment for software-as-a-service performance that, in keeping with the agreement, was foreseen or was incurred for this calendar year (depending on which of these two amounts is the higher).
- Free Test Phase. The liability of Securus for damage that is caused during a free test phase or during other free provision of the service is limited to malintent and to gross negligence.
- Employees and Representatives of Securus. The limitation of liability of points 8.1 to 8.4 also apply to claims raised against employees and representatives of Securus.
9. Period of Contract and Termination of Contract
- Free Test Phase. If a free test phase has been agreed to with the customer, the following applies to the period of the Upon conclusion of the contract a 90-day test phase first begins. For the test phase no setup charges, basic charges or user fees are incurred. With the expiry of the test phase the basic period, in accordance with point 9.2, begins automatically, provided the customer has not terminated the contract subject to a period of notice of 5 workdays to the end of the test phase.
- Contract Period. Depending on the customer’s order, the contract is concluded for a certain period (“basic period“) and subsequently extends automatically by the same period (“extension period“), if the contract has not be terminated by one of the parties subject to a period of notice of four (4) weeks (“period of contractual notice“) to the end of the basic period or of an extension period. Unless some other agreement is reached, the basic period and the extension period amount in each case to twelve (12) months. The right to termination for good cause remains unaffected. Point 3.2 applies to the reduction of locations.
- Form. Notice must be given in writing.
- Data at the End of the Contract. At the end of the contract period the customer can no longer access his/her/its customer data (e.g. still open, non-expired dates). Before the end of the contract period the customer must therefore export such data, with the help of the service’s export function, and must store this data on his/her/its own equipment for further utilization. Securus is only obliged to undertake an additional issue of the customer data (e.g. preparation as an SQL dump, or in a specific format) if this has been separately agreed to and will be paid for. At the end of the contract Securus will delete the customer data, unless Securus is legally obliged to ensure safekeeping. If deletion is only possible with excessive cost or effort (e.g. in backups), Securus is entitled to block the data.
10. Final Provisions
- Service Slip. The Service Slip is a component of the contract. In the event of a contradiction between these Standard Terms of Business and the Service Slip, the conditions of the Service Slip have priority.
- Offsetting. With respect to other claims than those of his/her/its contractual counterclaims arising from the respective legal transaction, the customer can only offset or exercise a right of retention if the claim is uncontested by Securus or has been legally established.
- Written Form. Amendments to this agreement require the written form. This also applies to any exclusion of the written-form requirement.
- Applicable Law. This contract and all disputes in connection with it (whether contractual or constituting an offence) are solely subject to German law, to the exclusion of any application of UN purchase law.
- Place of Jurisdiction. If the customer is a businessman, a public-law corporate body or public special assets, the sole place of jurisdiction is that of Securus. Securus remains entitled to raise suit at the place of registration of the
- Partial Ineffectiveness. Should one of the provisions of this contract prove to be ineffective, whether now or at some future date, this shall not detract from the effectiveness of the remaining provisions. In place of the ineffective provision a provision that the parties would have agreed to, in keeping with the originally intended purpose, as seen from an economic standpoint, shall be adopted. The same applies in the case of a contract omission.